Details
-
Type:
Bug
-
Status: Resolved (View Workflow)
-
Priority:
Critical
-
Resolution: Fixed
-
Component/s: github-oauth-plugin
-
Labels:None
-
Environment:OS: Ubuntu 18.04.2 - 64 bit
Java: openjdk version "1.8.0_191"
github-oauth-plugin: 0.32
Jenkins: 2.164.2
-
Similar Issues:
-
Released As:github-oauth-0.33
Description
After upgrading to github-oauth-plugin 0.32 I started to see this error in /configureSecurity when it tries to retrieve the name of a github user:
HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden
The first user has its name retrieved successfully but all others have the error mentioned above.
See the attachment users.png.
The workaround for now is revert to 0.31.
Attachments
Issue Links
- is duplicated by
-
JENKINS-57595 with GitHub OAuth plugin 0.31->0.32 Matrix-based security errors
-
- Closed
-
-
JENKINS-56997 this.me NullPointerException in GithubAuthenticationToken.java oauth
-
- Closed
-
Activity
Field | Original Value | New Value |
---|---|---|
Description |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user is has its name retrieved successfully but all others has the error mentioned above. See the attachment *users.png*. |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user is has its name retrieved successfully but all others has the error mentioned above. See the attachment *users.png*. |
Description |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user is has its name retrieved successfully but all others has the error mentioned above. See the attachment *users.png*. |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user is has its name retrieved successfully but all others hve the error mentioned above. See the attachment *users.png*. |
Description |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user is has its name retrieved successfully but all others hve the error mentioned above. See the attachment *users.png*. |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user is has its name retrieved successfully but all others have the error mentioned above. See the attachment *users.png*. |
Attachment | users.png [ 46854 ] |
Attachment | users.png [ 46855 ] |
Description |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user is has its name retrieved successfully but all others have the error mentioned above. See the attachment *users.png*. |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user has its name retrieved successfully but all others have the error mentioned above. See the attachment *users.png*. |
Description |
After upgrading to github-oauth-plugin 0.32 I started to see this error in `/configureSecurity` when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user has its name retrieved successfully but all others have the error mentioned above. See the attachment *users.png*. |
After upgrading to github-oauth-plugin 0.32 I started to see this error in */configureSecurity* when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user has its name retrieved successfully but all others have the error mentioned above. See the attachment *users.png*. |
Description |
After upgrading to github-oauth-plugin 0.32 I started to see this error in */configureSecurity* when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user has its name retrieved successfully but all others have the error mentioned above. See the attachment *users.png*. |
After upgrading to github-oauth-plugin 0.32 I started to see this error in */configureSecurity* when it tries to retrieve the name of a github user: {noformat} HTTP ERROR 403 Problem accessing /descriptorByName/hudson.security.ProjectMatrixAuthorizationStrategy/checkName. Reason: Forbidden {noformat} The first user has its name retrieved successfully but all others have the error mentioned above. See the attachment *users.png*. The workaround for now is revert to 0.31. |
Summary | HTTP ERROR 403 | Regression in github-oauth-plugin 0.32 breaks /configureSecurity page |
Priority | Major [ 3 ] | Critical [ 2 ] |
Status | Open [ 1 ] | In Progress [ 3 ] |
Link |
This issue is duplicated by |
Released As | 0.33 | |
Resolution | Fixed [ 1 ] | |
Status | In Progress [ 3 ] | Resolved [ 5 ] |
Released As | 0.33 | github-oauth-0.33 |
Link |
This issue is duplicated by |
This issue affects me as well.
Considering that version 0.31 is affected by a CSRF vulnerability (https://jenkins.io/security/advisory/2019-04-30/#SECURITY-443), do you guys have any ETA for fixing this, so we can update to 0.32 as soon as possible ?
Without any workaround for this issue, it's hard to maintain a Matrix-based security authorization using 0.32, since you'll get error 403 for every user present there.
Thank-you,
Ionut